ConnectWise has launched a security alert website to help customers and partners track security related statements, vulnerabilities, patches, compliance and privacy updates from the software company.
ConnectWise has also hired GuidePoint, a third-party cybersecurity solutions company, to further validate the company's patches and vulnerability mitigation efforts.
The new ConnectWise Security Trust site "will be a primary source of information on security incidents, relevant alerts and of course critical patches and product updates," ConnectWise CEO Jason Magee wrote in an open letter to partners and customers.
The site and letter from Magee surface as ConnectWise seeks to clarify how the company investigated and addressed eight potential security vulnerabilities in ConnectWise Control, a remote management software tool that's popular with MSPs (managed IT services providers) and IT departments.
ConnectWise Control: Bishop Fox and ConnectWise Perspectives
Bishop Fox says it discovered and reported the security firm's vulnerability findings to ConnectWise. Huntress Labs further validated the findings at the request of CRN, which reported on the alleged security issues earlier this week.
In response to the Bishop Fox report, ConnectWise has posted a matrix that explains ConnectWise's stance on each potential issue.
The matrix also includes third-party perspectives from GuidePoint, the third-party cybersecurity solutions company that ConnectWise hired to further validate the company's patches and vulnerability mitigation efforts.
ConnectWise's latest cybersecurity efforts surface at a time when MSPs and their software platforms remain prime targets for attack. The FBI and U.S. Department of Homeland Security have repeatedly warned MSPs and their technology platform providers about such attacks.
MSP Security: Basic First Steps
To get ahead of the cyber threat, ChannelE2E and MSSP Alert have recommended that readers:
